<?php

/***************************************************************\
* FILE:		sys/pages/admin.inc
* SECTION:	pages > administrator set
* FUNCTION:	administrator toolset
* USES:	
* INCLUDES:		
* PRODUCES:	
* LAUNCHES:	
\***************************************************************/

/**
 * Page-specific access gate: this whole page is reserved for administrators,
 * so the generic check is run with the "ADMIN" level before anything else
 * (what happens on a failed check is defined in check_access(), not here).
 */
function page_inc_check_access() {
	$requiredLevel = 'ADMIN';
	check_access($requiredLevel);
}

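/**
 * Validates the requested page action.
 *
 * Only "edit" and "add" are recognised; anything else is reported through
 * add_alert() and otherwise ignored.
 *
 * @param string $action the value of ?action= (may be missing / empty)
 */
function page_inc_execute_action($action) {
	// strict comparison: $action is a plain string from the query string,
	// so no loose-comparison surprises are wanted here
	if (!in_array($action, array("edit", "add"), true)) {
		add_alert("unknown action: $action");
	}
}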

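/**
 * Execute page logic: handle a submitted add/edit/delete of an access rule
 * (with a confirmation round-trip), otherwise build the add/edit form, and in
 * both cases fill the overview table of all rules.
 *
 * Reads $_GET['action'] ("add" | "edit"), the posted form fields and
 * $PAGE['id'] (the access_id from the URL on edit); writes $PAGE['content'].
 */
function page_inc_execute() {
	global $PAGE;

	$PAGE['content']['title'] = "Administrator panel > access rights";
	$action = isset($_GET['action']) ? $_GET['action'] : "";

	if (!empty($_POST['submitted'])) {
		admin_handle_rule_submit($action);
	} else {
		admin_build_rule_form($action);
	}

	// the overview of every rule is shown whatever happened above
	$PAGE['content']['actable'] = admin_build_rule_table();

	add_action("add_access", "url-action", "add");
}

/**
 * Handles a submitted rule form for action "add" or "edit" (any other action
 * is ignored here). The first round shows a confirmation form; the second
 * round (confirmed == "YES") performs the insert / update / delete and ends
 * the page.
 *
 * @param string $action value of $_GET['action']
 */
function admin_handle_rule_submit($action) {
	global $PAGE;

	// description of the rule as posted, e.g. "ALLOW 3 in dir #2 for GUEST (rank 1)";
	// used in the confirmation text and in the audit log
	$rule = admin_describe_rule(admin_rule_from_post());
	if ($rule === null) {
		// the form named no subject at all (neither guest, user, group nor ip)
		errorpage(9);
		return;
	}
	$confirmed = isset($_POST['confirmed']) ? $_POST['confirmed'] : "";

	if ($action == "add") {
		if (!$confirmed) {
			$PAGE['content']['form'] = form_confirm("Bent u zeker dat u deze regel wil toevoegen: '$rule'");
		} else if ($confirmed == "YES") {
			$sql = db_query_insert(admin_rule_columns(), admin_rule_values_from_post(), "ACCESS_RULE");
			db_do_query($sql);
			add_log("gebruiker #{$_SESSION['user_id']} voegde volgende regel toe: '$rule'");
			endpage("rule added: $sql");
		}
	} else if ($action == "edit") {
		// the rule being edited is identified by the id in the URL; cast to int
		// because it is interpolated straight into a WHERE clause
		$access_id = (int)$PAGE['id'];

		if (!empty($_POST['delete'])) {
			if (!$confirmed) {
				$oldrule = admin_describe_stored_rule($access_id);
				$PAGE['content']['form'] = form_confirm("Bent u zeker dat u '$oldrule' wil verwijderen ?");
			} else if ($confirmed == "YES") {
				$sql = db_query_delete("ACCESS_RULE", "access_id = $access_id");
				db_do_query($sql);
				add_log("gebruiker #{$_SESSION['user_id']} verwijderde deze regel: '$rule'");
				endpage("rule deleted");
			}
		} else {
			if (!$confirmed) {
				$oldrule = admin_describe_stored_rule($access_id);
				$PAGE['content']['form'] = form_confirm("Bent u zeker dat u '$oldrule' wil veranderen in '$rule' ?");
			} else if ($confirmed == "YES") {
				$sql = db_query_update(admin_rule_columns(), admin_rule_values_from_post(), "ACCESS_RULE", "access_id = $access_id");
				db_do_query($sql);
				add_log("gebruiker #{$_SESSION['user_id']} paste deze regel aan: '$rule'");
				endpage("rule edited: $sql");
			}
		}
	}
}

/**
 * Builds the add/edit form into $PAGE['content']['form']. On "edit" the
 * fields are pre-filled from the stored rule ($PAGE['id']). A post that
 * carries 'subject' but not 'submitted' (presumably the subject <select>
 * submitting the form on change) keeps the chosen subject so the matching
 * detail field can be shown.
 *
 * @param string $action value of $_GET['action']
 */
function admin_build_rule_form($action) {
	global $PAGE;

	$inputs = array();
	$rule = array();
	if ($action == "edit")
		$rule = admin_fetch_rule((int)$PAGE['id']);

	if ($action == "add" || $action == "edit") {
		$inputs[] = form_input_hidden("access_id", admin_field($rule, 'access_id'));

		// the stored column is 'allow' (1/0), it decides the preselected option
		$inputs[] = form_input_select("regel", "rule", array('allow','deny'), array('allow', 'deny'), "", admin_field($rule, 'allow') ? "allow" : "deny");

		$kv = generate_dirlist(0, 1, array('ROOT'), array('root'), $PAGE['menu']);
		$inputs[] = form_input_select("directory", "dir_id", $kv['keys'], $kv['values'], "", admin_field($rule, 'dir_id'));

		$kv = get_keys_and_values("action_id", "action", "ACCESS_ACTION", 1, "action ASC");
		$inputs[] = form_input_select("actie", "action_id", $kv['keys'], $kv['values'], "", admin_field($rule, 'action_id'));

		// subject: an explicit choice in the (re)posted form wins over the stored rule
		$posted = isset($_POST['subject']) ? $_POST['subject'] : "";
		$subject = null;
		$user = null;
		$usergroup = null;
		$ipstring = null;
		if ($posted == "guest" || admin_field($rule, 'guest')) {
			$subject = "guest";
		} else if ($posted == "user" || admin_field($rule, 'user_id')) {
			$subject = "user";
			$user = admin_field($rule, 'user_id');
		} else if ($posted == "usergroup" || admin_field($rule, 'usergroup_id')) {
			$subject = "usergroup";
			$usergroup = admin_field($rule, 'usergroup_id');
		} else if ($posted == "ipstring" || admin_field($rule, 'ipstring')) {
			$subject = "ipstring";
			$ipstring = admin_field($rule, 'ipstring');
		}
		$inputs[] = form_input_select("subject", "subject", array('guest', 'user', 'usergroup', 'ipstring'), array('guest', 'user', 'usergroup', 'ipstring'), "", $subject, "document.accessform.submit()");
		switch ($subject) {
			case 'guest':
				$inputs[] = form_input_hidden("guest", "guest", "guest", 10, 10, "", 1);
				break;
			case 'user':
				$kv = get_keys_and_values("user_id", "nick", "MEMBER", 1, "nick ASC");
				$inputs[] = form_input_select("gebruiker", "user_id", $kv['keys'], $kv['values'], "", $user);
				break;
			case 'usergroup':
				$kv = get_keys_and_values("usergroup_id", "description", "USERGROUP", 1, "usergroup_id ASC");
				$inputs[] = form_input_select("groep", "usergroup_id", $kv['keys'], $kv['values'], "", $usergroup);
				break;
			case 'ipstring':
				$inputs[] = form_input_field("ipstring", "ipstring", $ipstring, 40, 40);
				break;
		}
		$inputs[] = form_input_field("rank", "rank", admin_field($rule, 'rank'), 1, 1);

		if ($action == "edit")
			$inputs[] = form_input_checkbox("delete this rule", "delete");
	}

	// form_create() is also called for an unknown action (empty form), as before
	$PAGE['content']['form'] = form_create("accessform", array_reverse($inputs));
}

/**
 * Collects every access rule into the structure print_table() is given
 * (headers / rows / widths / aligns). Each row: verdict, action name,
 * directory menu name (or "root" / "-"), subject, rank and an edit link.
 *
 * @return array
 */
function admin_build_rule_table() {
	global $PAGE;

	$sqlresult = db_do_query(admin_rule_select_sql(1));
	$rows = array();
	while ($r = db_fetch_array($sqlresult)) {
		$verdict = !empty($r['allow']) ? "ALLOW" : "DENY";
		$subject = admin_describe_subject($r);
		if ($subject === null)
			$subject = "unknown ????";
		$actions = "<a href=\"{$PAGE['dirpath']}/{$r['access_id']}.access?action=edit\">edit</a>";
		if (!empty($r['dir_id'])) {
			// one lookup per row for the directory label; cast because dir_id
			// lands in a WHERE clause
			$sql = db_query_select(array(array('menuname')), array('DIRECTORY'), "dir_id = " . (int)$r['dir_id']);
			$dir = db_fetch_array(db_do_query($sql));
			$dir = !empty($dir['menuname']) ? $dir['menuname'] : "-";
		} else {
			$dir = "root";
		}
		$rows[] = array($verdict, $r['action'], $dir, $subject, $r['rank'], $actions);
	}

	return array(
		'headers' => array("rule", "action", "directory", "subject", "rank", " "),
		'rows'    => $rows,
		'widths'  => array(70, 100, 100, 300, 30, "*"),
		'aligns'  => array("left", "left", "left", "left", "center", "left"),
	);
}

/**
 * SQL selecting access rules together with their action name, member name
 * and usergroup description.
 *
 * @param string|int $where WHERE clause (1 selects every rule)
 * @return mixed whatever db_query_select() returns
 */
function admin_rule_select_sql($where) {
	return db_query_select(
		array(array(), "ACCESS_RULE.*, MEMBER.name, ACCESS_ACTION.action, USERGROUP.description"),
		array("((ACCESS_RULE LEFT JOIN ACCESS_ACTION ON ACCESS_RULE.action_id = ACCESS_ACTION.action_id) LEFT JOIN MEMBER ON ACCESS_RULE.user_id = MEMBER.user_id) LEFT JOIN USERGROUP ON ACCESS_RULE.usergroup_id = USERGROUP.usergroup_id"),
		$where,
		"action ASC, rank ASC"
	);
}

/**
 * Loads one stored rule (joined row) by access_id.
 *
 * @param int $access_id
 * @return mixed the row from db_fetch_array(), or whatever it returns when there is none
 */
function admin_fetch_rule($access_id) {
	$sqlresult = db_do_query(admin_rule_select_sql("access_id = " . (int)$access_id));
	return db_fetch_array($sqlresult);
}

/**
 * Describes a stored rule for a confirmation text; a rule without any
 * subject is treated as an error (errorpage(9)), as the original did.
 *
 * @param int $access_id
 * @return string|null
 */
function admin_describe_stored_rule($access_id) {
	$oldr = admin_fetch_rule($access_id);
	$description = $oldr ? admin_describe_rule($oldr) : null;
	if ($description === null)
		errorpage(9);
	return $description;
}

/**
 * The ACCESS_RULE columns written by insert and update, in the order
 * admin_rule_values_from_post() produces them.
 *
 * @return array
 */
function admin_rule_columns() {
	return array('dir_id', 'action_id', 'user_id', 'usergroup_id', 'ipstring', 'guest', 'allow', 'rank');
}

/**
 * The posted form fields converted to the column values of admin_rule_columns().
 * Ids are cast to int since they end up in SQL; the literal "NULL" / "''"
 * fall-backs are kept as the query helpers expect them.
 *
 * @return array
 */
function admin_rule_values_from_post() {
	$p = $_POST;
	$dir_id = admin_field($p, 'dir_id');
	$user_id = admin_field($p, 'user_id');
	$usergroup_id = admin_field($p, 'usergroup_id');
	$ipstring = admin_field($p, 'ipstring');
	return array(
		($dir_id == "ROOT") ? 0 : (int)$dir_id,
		(int)admin_field($p, 'action_id'),
		$user_id ? (int)$user_id : "NULL",
		$usergroup_id ? (int)$usergroup_id : 0,
		// NOTE(review): passed on verbatim; confirm db_query_insert()/db_query_update() quote and escape string values
		$ipstring ? $ipstring : "''",
		(admin_field($p, 'subject') == "guest") ? 1 : 0,
		// the select posts 'allow' or 'deny': only an explicit "deny" stores allow = 0
		(admin_field($p, 'rule') == "deny") ? 0 : 1,
		(int)admin_field($p, 'rank'),
	);
}

/**
 * Normalises the posted form into the same shape as a stored (joined) rule
 * row, so one describer serves both. 'action' carries the posted action_id
 * (the form has no action name).
 *
 * @return array
 */
function admin_rule_from_post() {
	$p = $_POST;
	return array(
		// same rule as the stored 'allow' column: only an explicit "deny" is DENY
		'allow'        => (admin_field($p, 'rule') == "deny") ? 0 : 1,
		'guest'        => (admin_field($p, 'subject') == "guest") ? 1 : 0,
		'user_id'      => admin_field($p, 'user_id'),
		'name'         => admin_field($p, 'name'),
		'usergroup_id' => admin_field($p, 'usergroup_id'),
		'description'  => admin_field($p, 'description'),
		'ipstring'     => admin_field($p, 'ipstring'),
		'action'       => admin_field($p, 'action_id'),
		'dir_id'       => admin_field($p, 'dir_id'),
		'rank'         => admin_field($p, 'rank'),
	);
}

/**
 * Human-readable description of a rule row, e.g.
 * "ALLOW read in dir #3 for USER #7 'john' (rank 1)".
 *
 * @param array $r keys allow, guest, user_id, name, usergroup_id, description, ipstring, action, dir_id, rank
 * @return string|null null when the row names no subject
 */
function admin_describe_rule($r) {
	$subject = admin_describe_subject($r);
	if ($subject === null)
		return null;
	$verdict = !empty($r['allow']) ? "ALLOW" : "DENY";
	return "$verdict {$r['action']} in dir #{$r['dir_id']} for $subject (rank {$r['rank']})";
}

/**
 * The subject part of a rule description: guest, user, group or ip, in that
 * order of precedence.
 *
 * @param array $r see admin_describe_rule()
 * @return string|null null when none of the subject fields is set
 */
function admin_describe_subject($r) {
	if (!empty($r['guest']))
		return "GUEST";
	if (!empty($r['user_id']))
		return "USER #{$r['user_id']} '" . admin_field($r, 'name') . "'";
	if (!empty($r['usergroup_id']))
		return "GROUP #{$r['usergroup_id']} '" . admin_field($r, 'description') . "'";
	if (!empty($r['ipstring']))
		return "IP '{$r['ipstring']}'";
	return null;
}

/**
 * Reads $row[$key] without an undefined-index notice.
 *
 * @param mixed  $row array (or false/null from a failed fetch)
 * @param string $key
 * @return mixed the value, or null when absent
 */
function admin_field($row, $key) {
	return isset($row[$key]) ? $row[$key] : null;
}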

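/**
 * Dress up page content using skin stuff: the add/edit form (only for those
 * two actions) followed by the overview table, both taken from $PAGE['content'].
 */
function page_inc_dress() {
	global $PAGE;
	// 'action' is optional in the URL; default to "" instead of a notice
	$action = isset($_GET['action']) ? $_GET['action'] : "";
	if ($action == "edit" || $action == "add") {
		print_form($PAGE['content']['form']);
	}
	print_table($PAGE['content']['actable']);
}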

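/**
 * Flattens the directory tree below $parent into parallel key/value lists
 * for a select box: keys are dir ids, values are the menu names indented
 * with four &nbsp; per nesting level. Children are visited depth-first in
 * the order stored in $menu[$parent]['children'].
 *
 * @param int|string $parent dir id whose children are listed (0 is ROOT)
 * @param int        $level  nesting depth of those children (1 = top level)
 * @param array      $keys   keys accumulated so far (e.g. array('ROOT'))
 * @param array      $vals   values accumulated so far (e.g. array('root'))
 * @param array      $menu   dir id => array('menuname' => ..., 'children' => array(ids))
 * @return array array('keys' => ..., 'values' => ...)
 */
function generate_dirlist($parent, $level, $keys, $vals, $menu) {
	$space = str_repeat("&nbsp;&nbsp;&nbsp;&nbsp;", max(0, (int)$level));
	// a leaf has no 'children' entry: treat it as an empty list instead of
	// handing an undefined index to array_shift() (a TypeError on PHP 8)
	$children = isset($menu[$parent]['children']) ? $menu[$parent]['children'] : array();
	foreach ($children as $id) {
		if (!$id)
			break; // stop at the first empty id, as the old while loop did (0 is ROOT, never a child)
		$keys[] = $id;
		$vals[] = $space . $menu[$id]["menuname"];
		$kv = generate_dirlist($id, $level + 1, $keys, $vals, $menu);
		$keys = $kv['keys'];
		$vals = $kv['values'];
	}
	return array('keys' => $keys, 'values' => $vals);
}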

?>
